LeakIX - Host 85.214.151.29

Host 85.214.151.29

Germany

Strato AG

SSH is potenitally vulnerable

WARNING: This plugin will generate false positive and is purely informative:

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

IP: 85.214.151.29
Port: 22

First seen 2024-09-10 05:53
Last seen 2024-12-21 23:05
Open for 102 days
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb50d52828d37a3aa8437a3aa8437a3aa8437a3aa84
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.5
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2024-12-21 23:05
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb50d52828c64fb433164fb433164fb433164fb4331
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_9.6p1 Ubuntu-3ubuntu13.4
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2024-10-01 23:44
Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 85.214.151.29
Domain: paulovasquez.com
Port: 443
URL: https://paulovasquez.com

First seen 2022-01-03 08:45

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a59bbf4e8ae6a3b61023a7fc0223a7fc02

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 159.478679ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203135392e3437383637396d730a

Found on 2022-01-03 08:45

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7d1584c846d275c4a89660eab89660eab

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 199.3286ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b203139392e333238366d730a

Found on 2022-01-03 08:45

Severity: critical
Fingerprint: aff4d642200b0639f8880459931901234349529c9c094e72c49db8c4c49db8c4

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 124.307881ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203132342e3330373838316d730a

Found on 2022-01-03 08:45

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 85.214.151.29
Port: 443
URL: https://85.214.151.29

First seen 2021-12-31 10:22

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a539c51900fac1bef63a32c2563a32c256

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 171.146163ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203137312e3134363136336d730a

Found on 2021-12-31 10:22

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123ccc1632609d879cced9314f0ed9314f0

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 127.639383ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203132372e3633393338336d730a

Found on 2021-12-31 10:22

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7252a598e54504824148ec09f148ec09f

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 260.379836ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b203236302e3337393833366d730a

Found on 2021-12-31 10:22

Create report

Open service 85.214.151.29:22

2024-12-21 23:05
Found 13 hours ago by SSHOpenPlugin
Create report
Open service 85.214.151.29:22

2024-12-19 23:24
Found 3 days ago by SSHOpenPlugin
Create report
Open service 85.214.151.29:22

2024-12-17 22:06
Found 2024-12-17 by SSHOpenPlugin
Create report
Open service 85.214.151.29:22

2024-12-15 21:30
Found 2024-12-15 by SSHOpenPlugin
Create report
Open service 85.214.151.29:22

2024-12-13 23:33
Found 2024-12-13 by SSHOpenPlugin
Create report
Open service 85.214.151.29:22

2024-12-11 23:39
Found 2024-12-11 by SSHOpenPlugin
Create report
Open service 85.214.151.29:22

2024-12-01 23:05
Found 2024-12-01 by SSHOpenPlugin
Create report
Open service 85.214.151.29:22

2024-11-29 23:32
Found 2024-11-29 by SSHOpenPlugin
Create report
Open service 85.214.151.29:22

2024-11-27 22:24
Found 2024-11-27 by SSHOpenPlugin
Create report

Domain summary

paulovasquez.com 3

1 recorded

Host 85.214.151.29

Germany

SSH is potenitally vulnerable

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Domain summary